Effective Date: December 10, 2024
Last Updated: December 10, 2024
At Firmexa OÜ, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you interact with our website or services.
1. Data Controller
Firmexa OÜ
Address: Parda 5, #35, 10151 Tallinn, Harju, Estonia
Email: data-controller@firmexa.com
Phone: +372 53 623609
2. Information We Collect
We may collect and process the following types of personal data:
- Identity Information: Name, title, date of birth.
- Contact Information: Email address, phone number, billing and shipping address.
- Payment Information: Credit/debit card details, bank account information (processed securely by our payment partners).
- Account Information: Username, password, and preferences.
- Transaction Information: Purchase history, order details.
- Technical Information: IP address, browser type, device details, and cookies.
- Marketing Preferences: Opt-ins for newsletters and promotions.
3. How We Use Your Data
Your personal data is used for the following purposes:
- Order Processing: To fulfill and deliver your purchases.
- Customer Support: To respond to inquiries or complaints.
- Marketing: To send promotions, offers, and updates (with your consent).
- Personalization: To tailor your website experience.
- Legal Compliance: To meet legal obligations, including fraud prevention.
4. Legal Basis for Processing
We process your personal data under the following legal bases:
- Performance of a Contract: For order fulfillment and customer support.
- Consent: For marketing communications.
- Legal Obligation: For accounting, tax, or regulatory compliance.
- Legitimate Interest: For improving services and website security.
5. Data Sharing
We do not sell or rent your personal data. However, we may share your data with:
- Service Providers: Payment processors, delivery partners, and IT service providers.
- Legal Authorities: When required by law or for fraud prevention.
- Marketing Partners: For targeted advertising (with your consent).
6. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.
- Transaction data: Retained for minimum of 7 years for tax purposes.
- Marketing data: Retained until you withdraw your consent.
7. Your Rights
Under the GDPR, you have the following rights:
- Access: Request a copy of your personal data.
- Rectification: Correct inaccuracies in your data.
- Erasure: Request deletion of your data ("Right to be Forgotten").
- Restriction: Limit the processing of your data.
- Portability: Receive your data in a structured, machine-readable format.
- Objection: Object to data processing, including marketing.
- Withdraw Consent: At any time for marketing communications.
To exercise these rights, please contact us at info@firmexa.com.
8. Data Security
We use technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction. This includes:
- Encrypted connections (SSL).
- Secure payment processing.
9. Cookies
We use cookies to enhance your experience. You can manage or disable cookies through your browser settings. For more details, see our [Cookie Policy].
10. International Data Transfers
If your data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
- EU Standard Contractual Clauses.
- Adequacy decisions by the European Commission.
11. Updates to This Policy
We may update this policy from time to time. The latest version will always be available on our website. Please review it periodically.
12. Contact Us
If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us:
Email: info@firmexa.com
Phone: +372 53 623609
Alternatively, you have the right to lodge a complaint with your local Data Protection Authority (DPA).